Re: [DNG] [SECURITY] [DSA 5649-1] xz-utils security update

Autor: Martin Steigerwald
Fecha:
A: DNG
Cc: Marin Ivanov
Asunto: Re: [DNG] [SECURITY] [DSA 5649-1] xz-utils security update

Marin Ivanov - 30.03.24, 18:33:17 CET:
> Devuan is not affected.
>
> > Devuan is not affected by the latest vulnerability caused by systemd.
> > The malicious backdoor in xz/liblzma is a vector for remote
> > exploitation of the ssh daemon due to a dependency on systemd for
> > notifications and due to systemd's call to dlopen() liblzma library
> > (CVE-2024-3094)
> Src: https://twitter.com/DevuanOrg/status/1774029432979653069

Ah, great!

Thanks.

--
Martin

Este mensaje es parte del siguiente hilo:
	El árbol completo de hilos, ordenados por fecha
	sawbona, mensaje del
	Arnt Karlsen, mensaje del

Donate to Dyne.org